1. Technical Field
The invention generally relates to the field of security/compliance and in particular to comparing one organization's security/compliance data to an aggregation of multiple organizations' security/compliance data.
2. Background Information
Today's information technology (IT) departments are inundated with data about their security and compliance, but too often they don't have the tools to assess the effectiveness and impact of their security investments, to monitor risk and compliance initiatives, or to communicate with stakeholders in a relevant and actionable context. Organizations have spent millions on protecting their data and their customers' data but are still unable to prove that security is improving and compliance is achieved.
It would be helpful if an organization could obtain a real-world understanding of how its security and compliance posture compares to other similar organizations. However, no system exists for aggregating multiple organizations' security/compliance data and comparing that data to one organization's security/compliance data.